#!/bin/bash

# 检查内核是否支持IMA
if ! grep -q "^CONFIG_IMA=y" /boot/config-$(uname -r) 2>/dev/null; then
    echo "[-] 错误：内核不支持IMA子系统"
    exit 1
fi

# 检查IMA是否已在内核启动参数中启用
if grep -q "ima=on" /proc/cmdline; then
    echo "[+] IMA子系统已启用"
else
    echo "[-] 错误：IMA子系统未启用"
    exit 1
fi

